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Response to Amendment 

This Office Action is in response to a communication received on January 7, 

2009. 

The Information Disclosure Statement received January 26, 2009 has been 
considered. 

Claims 1-9 and 28 have been cancelled. 

Claims 10-12, 14-16, 18, 21-22, 24, 26, 29-32, and 34-35 are currently amended. 
Claims 10-27 and 29-35 are currently pending in this application. 

Response to Arguments 

Applicant's arguments with respect to claims 10, 18, and 21 have been 
considered but are moot in view of the new ground(s) of rejection. 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Claims 10-27 and 29-35 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Misra (5757920) in view of Wang (7020705). 

Regarding claims 10, 18 and 21, Misra teaches a method for providing access 
management comprising: 
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(a) authenticating access privileges of a user to a first (Column 7, lines 53 - 65) 
and a second server machine (Column 5, lines 10 - 21) whereby the first and second 
server machines are configured to comprise a secured item (Column 5, lines 10-14); 
and 

Misra does not explicitly indicate preventing access to the second server 
machine while the user is accessing the first server machine; wherein the user is 
disconnected from the first server machine before being connected to the second server 
machine. 

Wang teaches a system including a plurality of secure domains where the 
system disconnects a first connection to a domain, before initiating a session 
connection to a secure domain (Col. 2, lines 44-52; Col. 3, lines 32 - 46). 

It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to use Wang's teaching of only allowing the use to have one open 
session to a secure item or domain in Misra's system to ensure extra security against 
unauthorized users (Col. 9, lines 39 - 47). 

Regarding claims 29, 31, and 34, Misra teaches the method as recited in claims 
10, 18, and 21, wherein step (a) comprises: 

authenticating the user with the first server machine with respect to a previous 
access request (Column 7, lines 53 - 65); 

subsequently receiving a current access request via the second server machine 
(Column 5, lines 10-21); and 
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authenticating the user with the second server machine with respect to the 
current access request (Column 5, lines 10 - 21 , where the user roams into a second 
domain, which can include using a different computer in the second domain, see Col. 7, 
lines 23-30). 

Regarding claims 30, 32, and 35, Misra teaches the method as recited in claims 
29, 31, and 34. 

Misra does not explicitly indicate that wherein step (b) comprises: 

upon receiving the current access request via the second server machine, 
identifying a first local module previously supporting the user at the first server machine; 

reconfiguring the first local module at the first server machine to remove support 
for the user at the firs server machine; 

identifying a second local module to support the user at the second server 
machine; and 

reconfiguring the second local module at the second server machine to add 
support for the user at the second server machine. 

Wang teaches a system including a plurality of secure domains where the 
system disconnects a first connection to a domain, before initiating a session 
connection to a secure domain (Col. 2, lines 44-52; Col. 3, lines 32 - 46). 

It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to use Wang's teaching of only allowing the use to have one open 
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session to a secure item or domain in Misra's system to ensure extra security against 
unauthorized users (Col. 9, lines 39 - 47). 

Regarding claims 11, 22, and 25, Misra teaches a method as recited in claims 

29, 31 , and 21 , wherein step (a1 ) authenticates both the user and a client machine 
being used by the user (Column 4, line 66 - Column 5, line 9). 

Regarding claims 12 and 26, Misra teaches a method as recited in claims 29 
and 21 , wherein the first and the second server machine are access points for the user 
to gain access to the secured item (Column 5, lines 10-14). 

Regarding claims 13 and 23, Misra teaches a method as recited in claims 29 
and 32, wherein when the user is at a first location, the user interacts over a network 
with the first server machine, and when the user is at a second location, the user 
interacts over a network with the second server machine using a second client machine 
at the second location (Column 5, lines 10-21). 

Regarding claims 14, 20, and 27, Misra teaches a method as recited in claims 

30, 32, and 35, wherein said method further comprises: determining, prior to 
disconnecting the user from the first connection, whether the user is permitted to gain 
access through a second location to the secured item via the second server machine 
(Column 5, lines 10-16). 

Regarding claim 15, Misra teaches a method as recited in claim 39, wherein 
said the authenticating the user with the first server occurs while the user is at a first 
location, and wherein receiving the access request occurs while the user is at a second 
location (Column 5, lines 10 - 21 , wherein the system has a home location with 
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maintains the credentials and authorization, which is then distributed through the server 
system). 

Regarding claims 16 and 24, Misra teaches a method as recited in claims 17 
and 33, wherein said method further comprises: 

upon receiving the current access request to access the secured item via the 
second server machine, determining permitted locations from which the user is 
permitted to access to the secured item; 

determining, whether the second location is one of the permitted locations for the 
user; and 

bypassing the disconnecting the user from the first connection in response to the 
determination that the second location is not one of the permitted locations for the user 
(Column 5, lines 10-21). 

Regarding claims 17, 19, and 33, Misra teaches a method as recited in claims 
30, 31, and 32, wherein: 

when the user is at the first location, the user interacts over a network with the 
first server machine using a first client machine at the first location, and 

when the user is at the second location, the user interacts over a network with 
the second server machine using a second client machine at the second location 
(Column 3, line 67 - Column 4, line 7; Column 4, line 66 - Column 5, line 2; Column 5, 
lines 10-19, wherein the user and machine locations are roaming in the system and 
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which ever domain the user/machine combination logs in at it connects to that domains 
controller which is the same location as the machine location). 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to KEVIN BATES whose telephone number is (571) 272- 
3980. The examiner can normally be reached on 9 am - 5 pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Bunjob Jaroenchonwanit can be reached on (571) 272-3913. The fax 
phone number for the organization where this application or proceeding is assigned is 
571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/Kevin Bates/ 

Primary Examiner, Art Unit 2456 



